The Code Keepers: vSAN Native Encryption – Part 2

There are three parties involved in vSAN encryption – (1) Key Management Server or the KMS server (this is the entity that generates the keys)) (2) vCenter and (3) vSAN host or ESXi host Before we attempt to encrypt any data on vSAN, the first step is to set up a domain of trust among 3 parties (KMS, vCenter and vSAN host).